github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
118,945 Commits 1 Branch 31 Tags 1,019 MiB
05076de57f
Commit Graph

621 Commits

Author SHA1 Message Date
Kubernetes Prow Robot
e339e03ff8
Merge pull request #120814 from Jefftree/fix-openapiv2-aggregator-apiservice 
Fix AddUpdateAPIService for openapiv2
 2023-10-06 21:21:32 +02:00
Jefftree
89adbb4b4a Unit & integration tests for OpenAPIV2 AddUpdateAPIService 2023-10-06 12:57:57 -04:00
Kubernetes Prow Robot
6a84edb2ce
Merge pull request #120222 from tkashem/apf-queue-wait-ctx 
apf: manage request queue wait with context in APF Filter
 2023-10-03 11:16:18 +02:00
Abu Kashem
11ef9514da
apf: remove RequestWaitLimit from queueset config 2023-09-26 08:55:23 -04:00
Kubernetes Prow Robot
cf8f9a8d07
Merge pull request #119334 from kmala/serverapply 
update the dependency sigs.k8s.io/structured-merge-diff/v4 to latest tag
 2023-09-06 12:34:55 -07:00
Kubernetes Prow Robot
f68c66f96d
Merge pull request #119142 from aramase/aramase/f/kep_3331_add_feature_flag 
[StructuredAuthenticationConfig] Add feature flag and wire up `--authentication-config` flag
 2023-09-05 13:08:51 -07:00
Anish Ramasekar
15c02f2a03
add integration tests 
Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>
 2023-08-30 23:14:59 +00:00
Wojciech Tyczyński
b2c0d80c37 Test watch converter encoder 2023-08-29 09:04:12 +02:00
Kubernetes Prow Robot
46e8cfd7d6
Merge pull request #119508 from nayihz/fix_finalizer_validation 
validate crd finalizer name
 2023-08-24 05:22:20 -07:00
nayihz
13b52a1848 fix crd finalizer validation 2023-08-24 13:43:57 +08:00
Kubernetes Prow Robot
2e6eafca3f
Merge pull request #119503 from wojtek-t/pagination_ga 
Graduate APIListChunking to GA
 2023-08-23 10:39:29 -07:00
Tim Hockin
a930892769
Gate: disallow .status.loadBalancer on non-LB svc 
The fact that the .status.loadBalancer field can be set while .spec.type
is not "LoadBalancer" is a flub.  Any spec update will already clear
.status.ingress, so it's hard to really rely on this.  After this
change, updates which try to set this combination will fail validation.

Existing cases of this will not be broken.  Any spec/metadata update
will clear it (no error) and this is the only stanza of status.

New gate "AllowServiceLBStatusOnNonLB" is off by default, but can be
enabled if this change actually breaks someone, which seems exceeedingly
unlikely.
 2023-08-20 16:40:41 -07:00
Jordan Liggitt
1876ddf714
Avoid returning nil responseKind in v1beta1 aggregated discovery 2023-08-09 14:45:33 -04:00
Amine
eb4063f0ce
Add cases to tests AdmissionWebhook MatchConditions size limit (#119404) 2023-07-25 15:36:19 -07:00
Alexander Zielenski
3b9af47118 add admission policy integration test all resources 
duplicates a lot of existing webhook integration test code
 2023-07-24 10:54:54 -07:00
Alexander Zielenski
d647958744 update codegen 2023-07-21 13:56:23 -07:00
Alexander Zielenski
ef8670c946 refactor: replace usage of v1alpha1 with v1beta1 
v1alpha -> v1beta

fill in DenyAction where there is no ParameterNotFoundAction
 2023-07-21 13:41:24 -07:00
Wojciech Tyczyński
6acfa3cb4a Graduate APIListChunking to GA 2023-07-21 14:09:40 +02:00
Alexander Zielenski
b3b775baa5 test: adjust tests for v1beta1 validatingadmissionpolicy 2023-07-20 13:24:09 -07:00
Alexander Zielenski
b5e9e0168c feature: add multiple params capability to VAP controller 2023-07-20 09:30:10 -07:00
Richa Banker
c1aef65640 Add integration test 2023-07-18 17:36:30 -07:00
Keerthan Reddy Mala
106a931c29 fix intergration test 2023-07-18 10:24:04 -07:00
Jefftree
735be024cf Make CRDs built and aggregated lazily for oasv2 2023-07-18 04:49:56 +00:00
Kubernetes Prow Robot
8633adbb07
Merge pull request #119342 from A-Hilaly/api-server/webhooks/match-conditions-integration-tests 
Add integration tests for `MatchConditions` feature gate enablement
 2023-07-17 12:47:23 -07:00
Amine
00de051729 Make matchConditionsFeatureGateInitiallyEnabled a boolean instead 2023-07-17 18:34:42 +01:00
Amine
6b3ce3004d Add integration tests for match conditions feature gate enablement 2023-07-16 01:06:08 +01:00
Cici Huang
13172cba5c
ValidatingAdmissionPolicy: support namespace access (#118267) 
* Support namespace access from cel expression in validatingadmissionpolicy.

* Whitelist the exposed fields in namespace object and add test

* better handling of cluster-scoped resources.

* [API REVIEW] namespaceObject in Expression doc.

* compatibility with composition.

* generated: ./hack/update-codegen.sh && ./hack/update-openapi-spec.sh

* workaround namespace of namespace is unexpectedly set.

* basic test coverage for namespaceObject.

---------

Co-authored-by: Jiahui Feng <jhf@google.com>
 2023-07-14 17:53:08 -07:00
Jiahui Feng
049614f884
ValidatingAdmissionPolicy controller for Type Checking (#117377) 
* [API REVIEW] ValidatingAdmissionPolicyStatucController config.

worker count.

* ValidatingAdmissionPolicyStatus controller.

* remove CEL typechecking from API server.

* fix initializer tests.

* remove type checking integration tests

from API server integration tests.

* validatingadmissionpolicy-status options.

* grant access to VAP controller.

* add defaulting unit test.

* generated: ./hack/update-codegen.sh

* add OWNERS for VAP status controller.

* type checking test case.
 2023-07-13 13:41:50 -07:00
Kubernetes Prow Robot
98e7c2a751
Merge pull request #119237 from jpbetz/jpbetz-apiserver-integration-owner 
Add jpbetz as approver of apiserver integration tests
 2023-07-11 20:03:18 -07:00
Kubernetes Prow Robot
6ffca50136
Merge pull request #116443 from benluddy/secondary-authz-decision-caching 
Cache authz decisions within the scope of validating policy admission.
 2023-07-11 12:41:11 -07:00
Joe Betz
6d6595d0f6 Add jpbetz as approver of apiserver integration tests 2023-07-11 14:36:45 -04:00
Kubernetes Prow Robot
ad72319ece
Merge pull request #115122 from r-erema/110782-oidc-test-coverage 
add integration tests for OIDC authenticator
 2023-07-10 15:29:10 -07:00
roman
18f2e9055f Add OIDC integration tests 2023-07-04 08:04:53 +03:00
Ben Luddy
f1700e4b95
Cache authz decisions within validating policy admission. 
This avoids the surprise of identical authorization checks within a
policy evaluating to different decisions during the same admission
pass, and reduces the overhead of repeatedly referencing the same
authorization check.
 2023-06-28 15:30:04 -04:00
Madhav Jivrajani
bdbf07525f test: remove exception comments in discovery tests 
The exception comments were added due to a false positive in
staticcheck. This has since been rectified.

Signed-off-by: Madhav Jivrajani <madhav.jiv@gmail.com>
 2023-06-27 14:20:41 +02:00
Kubernetes Prow Robot
aaaf70c8ad
Merge pull request #118411 from SataQiu/fix-NoNewBetaAPIsByDefault-20230602 
Remove enabled by default beta resources that have been removed
 2023-06-06 10:20:24 -07:00
SataQiu
a51be9786b remove enabled by default beta resources that have been removed 2023-06-03 00:06:50 +08:00
Jefftree
2111e79f56 Update gnostic references 2023-06-02 14:34:26 +00:00
Joe Betz
68901de898 Enable optionals and add tests 2023-05-31 18:36:50 -04:00
HirazawaUi
5289a7b029 fix fd leaks and failed file removing for test directory 2023-05-09 09:22:31 -05:00
Min Ni
e865b30abd
update serial number to a valid non-zero number in ca certificate (#117791) 
* update serial number to a valid non-zero number in ca certificate

* fix the existing problem (0 SerialNumber in all certificate) as part of this PR in a separate commit
 2023-05-09 06:34:08 -07:00
Kubernetes Prow Robot
6442024f1c
Merge pull request #116779 from jpbetz/cel-ratcheting 
Controlled rollout of CEL libraries and language feautres
 2023-05-08 09:51:40 -07:00
Joe Betz
e740f8340e Introduce CEL EnvSets for managing safe rollout of new CEL features, libraries and expression variables 2023-05-08 11:52:31 -04:00
Kante Yin
859359ad6a Fix strict linting 
Signed-off-by: Kante Yin <kerthcet@gmail.com>
 2023-05-04 10:25:10 +08:00
Kante Yin
a7035f5459 Pass Context to StartTestServer 
Signed-off-by: Kante Yin <kerthcet@gmail.com>
 2023-05-04 10:25:09 +08:00
Kubernetes Prow Robot
78833e1b33
Merge pull request #117713 from flant/ssr-ga 
KEP-3325: Promote SelfSubjectReview to GA
 2023-05-03 08:54:24 -07:00
m.nabokikh
40de26dcff KEP-3325: Promote SelfSubjectReview to GA 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2023-05-02 14:50:40 +02:00
Kubernetes Prow Robot
d6471d01a4
Merge pull request #115843 from rikatz/remote-netpol-status 
Remove/Withdraw  NetworkPolicy Status
 2023-05-01 18:30:10 -07:00
Alexander Zielenski
6de6cd0a65 add integration test for nested $patch in SMP 2023-05-01 11:53:58 -07:00
Ricardo Katz
bff8a6cd9f Remove withdrawn feature NetworkPolicyStatus 2023-05-01 15:19:25 -03:00